Block fraudsters

The Face Blocklist is a security feature that proactively prevents fraudulent activities by identifying and denying access to known fraudsters. This feature automatically compares incoming faces—whether captured from a selfie during face authentication or a document portrait during document verification—against a maintained list of flagged images, ensuring that repeat fraud attempts are detected and prevented.

By leveraging high-confidence facial matching technology with low tolerance for mismatches, the system achieves a near-zero false positive rate (0.001% or 1 in 100,000).

This feature is particularly valuable for fraud prevention teams, compliance officers, and security personnel who need to mitigate risks, analyze suspicious activity, and maintain the integrity of identity verification processes.

Face Blocklist screen

Use cases & benefits

Fraud review plays a crucial role in identity verification and fraud prevention workflows. Admins and customer service representatives can perform:

  • Fraud case investigation : Any image added to the blocklist—whether manually uploaded or selected from a session report—is stored permanently, separate from session images. This ensures that fraud teams can analyze, compare, and validate fraud decisions in cases of repeated fraud attempts.
  • Manual intervention & oversight : If a fraud review determines that a person was incorrectly blocked, reviewers can manually remove that person’s face from the blocklist, in accordance with company policies. This helps prevent further false positives. Stored fraud cases also support compliance teams in investigating fraud trends and responding to legal inquiries.

How it works

By default, every verification attempt is compared against a maintained list of images flagged as fraudulent:

  • If no match is found , the verification proceeds to the next checks.
  • If a match is found , the session is automatically denied. However, adding the detected face to the blocklist is a manual action that must be performed through the verification session report in Mosaic ( Admin portal > Identity Verification > Verifications > select verification > Verification report ).

Adding and managing fraud cases

Besides relying on automatic detection, admins can also manually upload both selfies and document portraits of known fraudsters to enhance fraud prevention. When uploading, they can:

  • Tag the image as a selfie or portrait
  • Add a description
  • Assign tags for better case management

Moreover, admins can delete blocklisted images, access their metadata (e.g., Person ID, Face ID, Session ID, tags, and others), and modify it where applicable.

How verification flow determines image type

The type of image added to the blocklist depends on the verification flow. Note that:

  • If the full identity verification flow is performed, the selfie is used.
  • If the verification process is document-only , the face from the document portrait is used.

Multiple sessions detection

The system includes a Multiple Sessions Detector, which flags suspicious repeated face appearances across different sessions.

  • This detection does not automatically block access but helps fraud analysts identify potential fraud patterns.
  • Analysts can investigate these cases using Fraud Prevention tools in Mosaic.

Managing fraud entities

Fraudster detection automatically groups related fraudulent identities based on facial similarity, allowing for improved tracking and review. While all uploaded images are stored individually, they are clustered when similar faces are detected. A primary image represents each fraudster. Initially, this is the first uploaded image, but it can be changed manually by the user.
This way, analysts can:

  • Consolidate multiple flagged images under a known fraudster profile
  • Search for blocked individuals using tags and image similarity search
  • Improve fraud case management by linking repeat offenders

Data retention & privacy

To balance fraud prevention with user privacy, the system follows a structured retention policy that includes data minimization, unlinking, and controlled storage. For more, see Personally Identifiable Information (PII) Handling.